During these challenging times, Severson & Werson remains open and in full operation, consistent with the firm’s previously established contingency planning. While many of our attorneys and staff will be working remotely, as a firm, we continue in full operation. We are here to help, as always.

Data Breach

Subscribe to Consumer Finance

Thank you for your desire to subscribe to Severson & Werson’s Consumer Finance Weblog. In order to subscribe, you must provide a valid name and e-mail address. This too will be retained on our server. When you push the “subscribe button”, we will send an electronic mail to the address that you provided asking you to confirm your subscription to our Weblog. By pushing the “subscribe button”, you represent and warrant that you are over the age of 18 years old, are the owner/authorized user of that e-mail address, and are entitled to receive e-mails at that address. Our weblog will retain your name and e-mail address on its server, or the server of its web host. However, we won’t share any of this information with anyone except the Firm’s employees and contractors, except under certain extraordinary circumstances described on our Privacy Policy and (About The Consumer Finance Blog/About the Appellate Tracker Weblog) Page. NOTICE AND AGREEMENT REGARDING E-MAILS AND CALLS/TEXT MESSAGES TO LAND-LINE AND WIRELESS TELEPHONES: By providing your contact information and confirming your subscription in response to the initial e-mail that we send you, you agree to receive e-mail messages from Severson & Werson from time-to-time and understand and agree that such messages are or may be sent by means of automated dialing technology. If you have your email forwarded to other electronic media, including text messages and cellular telephone by way of VoIP, internet, social media, or otherwise, you agree to receive my messages in that way. This may result in charges to you. Your agreement and consent also extend to any other agents, affiliates, or entities to whom our communications are forwarded. You agree that you will notify Severson & Werson in writing if you revoke this agreement and that your revocation will not be effective until you notify Severson & Werson in writing. You understand and agree that you will afford Severson & Werson a reasonable time to unsubscribe you from the website, that the ability to do so depends on Severson & Werson’s press of business and access to the weblog, and that you may still receive one or more emails or communications from weblog until we are able to unsubscribe you.

In Stasi v. Inmediata Health Grp. Corp., No. 19cv2353 JM (LL), 2020 U.S. Dist. LEXIS 217097 (S.D. Cal. Nov. 19, 2020), Judge Miller allowed a data security breach class action to proceed.  The basis of the class action was as follows: According to Plaintiffs' FAC,1 Inmediata provides billing and health record software and service solutions to healthcare providers. (FAC ¶¶… Read More

In Holly v. Alta Newport Hosp., Inc., No. 2:19-cv-07496-ODW (MRWx), 2020 U.S. Dist. LEXIS 195652 (C.D. Cal. Oct. 21, 2020), Judge Wright dismissed a data breach class action because the class representative could not demonstrate compensable loss. Holly alleges that she suffered "emotional harm and distress and has been injured in her mind and body." (SAC ¶ 49.) She also… Read More

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued an advisory yesterday, alerting companies who engage with victims of ransomware attacks of potential sanctions risks for facilitating ransomware payments.  This advisory highlights OFAC’s designations of malicious cyber actors and those who facilitate ransomware transactions under its cyber-related sanctions program. It identifies U.S. government resources for reporting… Read More

In In re Capital One Consumer Data Sec. Breach Litig., No. 1:19md2915 (AJT/JFA), 2020 U.S. Dist. LEXIS 91736, at *5-9 (E.D. Va. May 26, 2020), Judge Anderson found that a consultant's report prepared in connection with a data breach was not entitled to work product protection and must be turned over to the Plaintiffs. The facts were as follows: On… Read More

In In re Solara Med. Supplies, LLC Customer Data Sec. Breach Litig., No. 3:19-cv-2284-H-KSC, 2020 U.S. Dist. LEXIS 80736 (S.D. Cal. May 7, 2020), Judge Huff allowed a data breach claim to proceed. The facts were as follows: On November 13, 2019, Solara Medical Supplies, LLC ("Solara") notified its customers of a security incident that may have compromised the information… Read More

In Stasi v. Inmediata Health Grp. Corp., No. 19cv2353 JM (LL), 2020 U.S. Dist. LEXIS 79303, at *1-4 (S.D. Cal. May 5, 2020), Judge Miller dismissed a nationwide identity theft/data breach class action. The facts were as follows: Plaintiffs allege that in January of 2019, Inmediata learned it was experiencing a large "data security incident" resulting in the exposure of… Read More

The CCPA went live on January 1, 2020, creating a cause of action and potential liability of between $100 to $750 per person for a data breach deriving from a business' failure to maintain reasonable policies and procedures.  Unfortunately, the CCPA does not define the term "reasonable".  While compliance lawyers and consultants properly have been advising their clients to shore… Read More

In Adkins v. Facebook, Inc., No. C 18-05982-WHA, 2019 U.S. Dist. LEXIS 206271 (N.D. Cal. Nov. 26, 2019), Judge Alsup granted in part and denied in part a data breach class. This is a putative class action by plaintiff Stephen Adkins against defendant Facebook, Inc. Plaintiff asserts a claim for negligence based on Facebook's alleged faulty security practices in collecting… Read More

In Anderson v. Kimpton Hotel & Rest. Grp., LLC, No. 19-cv-01860-MMC, 2019 U.S. Dist. LEXIS 133869, at *13-14 (N.D. Cal. Aug. 8, 2019), Judge Chesney dismissed a data breach claim under California's data breach statute, Civil Code 1798.81.5.  The facts were as follows: In their complaint, plaintiffs [*2]  allege "Kimpton uses an online reservation system that facilitates the booking of hotel… Read More

1 2